| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
|
|
Warned-by: codespell
|
|
|
|
This field will contain a list of tainting reason tags, which can denote
that the current build has potentially been broken.
Suggested-by: Alexander E. Patrakov <patrakov@gmail.com>
|
|
Version the macros so that both can be used, and default the unversioned
one to the version 0 macro.
|
|
The .changes file describes an upload, and its Binary and Description
fields should contain (as documented) only references to the packages
being uploaded.
In case of a source-only upload, the Binary and Description fields
should be empty.
Closes: #818618
|
|
This new public module centralizes the handling of debian/source/format
so that other projects can reuse it instead of having to reimplement it.
Prompted-by: Mattia Rizzolo <mattia@debian.org>
Ref: https://salsa.debian.org/debian/devscripts/merge_requests/63
|
|
The default buildflags got moved from the Dpkg::BuildFlags module to
the Dpkg::Vendor::Debian, but this module was not adapted to match.
Instead of running the Debian hooks after the Ubuntu buildflags are set
up, run them first, and then modify/prepend the bits we need to change.
This fixes compiler optimization on ppc64el, and makes setting it more
future proof.
Fixes: commit d5374bc618310917557daa9c9ac2f4930515a0b2
Closes: #915881
Co-Author: Iain Lane <laney@ubuntu.com>
Co-Author: Adam Conrad <adconrad@ubuntu.com>
|
|
This makes several call sites more clear, as we move the logic inside
the function.
|
|
We should keep these and consider them as pseudo-EOF markers, and stop
processing once seen.
[lamby@debian.org:
- Initial test cases for dpkg-mergechangelogs functional tests. ]
Closes: #916056
|
|
For the CPAN distribution or a non-dpkg-based distribution we cannot
assume that dpkg will be installed, or even available at build time.
Skip these tests if the tools is missing.
|
|
The former calls /bin/pwd, while the latter uses the getcwd() syscall
directly.
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
This option will make the output be in reverse order.
|
|
This will make it possible to track key/value attributes for each file,
so that we can track interesting information and pass it to the various
programs parsing the debian/files file.
|
|
This is a superset of the fixdebugpath feature supported by gcc-8, but
covering in addition mappings for macros such as __FILE__ and similar.
|
|
Architecture:all packages are treated as native ones as part of the
current multi-arch design, the only current exception is in
build dependencies with the :native arch-qualifier.
It looks like this was an oversight when implementing the :native
support, as there's been no rationale found for the current behavior.
Closes: #854438
Analysis-by: Johannes Schauer <josch@debian.org>
|
|
|
|
Clarify the unknown and unused substitution variable warnings, to try to
make them more clear as to what each implies.
Closes: #904258
|
|
Thanks-to: Niels Thykier <niels@thykier.net> (for typo in dpkg(1))
|
|
C++11 makes it possible to use these attributes so that errors can be
avoided, by helping the compiler know when we mean methods to override
the ones from the parent class.
Warned-by: cppcheck
|
|
Add new TODO tests for behavior that is not yet implemented, but should.
|
|
Dependency simplification can only really be done for metadata for which
we have all its context and information during the simplification
process. Anything that relies on the state of the dependencies cannot be
simplified. This means that any dependency that might change the
satisfiability due to the value of Multi-Arch field of the depended on
package cannot be simplified.
Clarify this in the function commends, and add new test cases to cover
this.
Prompted-by: Stuart Prescott <stuart@debian.org>
|
|
The current bool overload has broken semantics, because it considers the
version "0" to be false.
The bool overload used to have sane semantics (equivalent to is_valid())
before commit 5b9f353b2940de751df47036608afbe71992d622, but there it got
changed to return the stringified version if it was valid, or undef
otherwise, to fix a problem within dpkg-shlibdeps, instead of properly
fixing the local-only problem in the tool. This makes the overload hard
to use, and broke existing callers from external projects.
We will emit a warning until dpkg 1.20.x to notify of the semantic change
in case there is code relying on the broken semantics. For fixed code the
warning can then be quiesced with:
no warnings qw(Dpkg::Version::semantic_change::overload::bool);
Closes: #895004
|
|
|
|
An ELF executable is defined by whether the object has the EXEC_P flag
defined or an interpreter in the program header. The former applies to
statically linked programs, the latter to dynamically linked programs
and possibly some shared libraries that can be executed, such as the
ones provided by glibc.
This is now more relevant as PIE makes normal executables show up as
shared objects, so they do not contain the EXEC_P flag, and were not
being detected as executables.
|
|
[guillem@debian.org:
- Update unit-tests. ]
Closes: #822914
Stable-Candidate: 1.18.x
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
Add new positive options argument to arch validators, as the Architecture
field should not accept negated architectures. We preserve the current
functions default behavior and add a new option to control whether to
reject negated architectures.
Fixes: commit d355b340f3a6cde7fc1cb5649d82fbebd3b97ea1
Stable-Candidate: 1.18.x
|
|
This adds support for AS, STRIP, OBJCOPY, OBJDUMP, NM, AR and RANLIB.
Prompted-by: Helmut Grohne <helmut@subdivi.de>
|
|
Add new test_get_temp_path() function, and replace all hardcoded
settings of the temporary directory and its creation.
|
|
We can easily know the name of the calling unit test, and can thus infer
the pathname for the data directory, instead of having to duplicate the
name, and potentially ending with it being out of sync.
|
|
|
|
Some commands pass some arguments through to another command, and those
must not be normalized as that might break their invocation.
Reported-by: Helmut Grohne <helmut@subdivi.de>
Stable-Candidate: 1.17.x 1.18.x
|
|
When we are building a source package, if we find a binary signature in
the form of a .sig file, we should try to auto-convert it to the format
that we expect to include in the source package, which is an OpenPGP
ASCII Armor.
|
|
This make fragment contains setup for build tool variables for both TOOL
and TOOL_FOR_BUILD. It does not get included by default from default.mk
|
|
|
|
We support a new source package Description field in debian/control
that will be copied into the .dsc file. The field will also be used
to initialize the new source:Synopsis and source:Extended-Description
substvars that will be available when generating the DEBIAN/control
and .changes files.
Closes: #555743
|
|
Packages intended to be built in a generic way must never rely on the
currently running kernel on the build system (an exception could be an
optimization rebuild using the current system as the reference baseline).
But to be able to detect when a package might not be reproducible due to
varying kernel information it is still useful to be able to record this
information. Although that information can be very sensitive.
When the builder has explicitly enabled the Build-Kernel-Version field
with the new dpkg-genbuildinfo --always-include-kernel option, it will
get included in the generated .buildinfo file.
Closes: #873937
|
|
We can also remove the versioned dpkg-dev Build-Depends now that we
do not use any build profile anymore.
|
|
|
|
This reduces the load chain for several Dpkg modules.
|
|
Fixes: Subroutines::ProhibitManyArgs
Warned-by: perlcritic
|
|
|
|
Our current minimal Perl version contains a new enough List::Util module
implementing none and any, and several other functions.
|
|
POSIX specifies that a diff hunk can be indented by spaces or tabs
(while the original patch(1) by Larry Wall also accepts 'X'), as long
as the amount of spaces is consistent for all subsequent lines. And as
we are not checking for this condition at all, any such indented hunk
can avoid the sanity checks performed by Dpkg::Source::Patch.
On systems using GNU patch >= 2.7.5, this should, in principle, not be
a problem anymore, as that implementation protects against directory
traversal issue. But on other systems where the patch implementation
does not perform such checks (such as the BSDs) this is an issue, so
check for this in the test-suite.
Those are arguably all security issues in these various patch
implementations, but given that we are performing sanity checks and that
those implementations are currently very lax, it seems prudent to do the
heavy lifting ourselves and also take the possible blame too.
Ref: CVE-2017-8283
Stable-Candidate: 1.17.x
|
|
Closes: #824742
Based-on-patch-by: Wookey <wookey@wookware.org>
|
|
Signed-off-by: Guillem Jover <guillem@debian.org>
|
|
We check for a specific version of perl and store that in the PERL
variable. But the shebangs on several test scripts hardcode a specific
perl that might not be present or might not be recent enough. Always
invoke perl scripts explicitly with PERL, or implicitly by letting the
currently running interpreter use itself.
|
|
restrictions"
This reverts commit 9899bdcf9bde76d969b124abf0a898fcbb202c70.
This change is contentious and should have been discussed more widely.
Given that this has been live only for a couple of days, the impact
should be minimal, but still something to take into account once and
if this gets reintroduced, in the same or different form and shape.
Closes: #852820
|
|
Add new options -ui and --unsigned-buildinfo.
Closes: #843925
|
